0

I'm having issues fetching an external API who should return JSON.

The API doesn't have CORS enabled so I'm trying to use fetch with the option mode: "no-cors". I tried to use jsonp but doesn't work at all.

So here's the piece of code:

fetch(APIURL, {
  mode: "no-cors",
}).then(response => {
  console.log(response)
  return response.json();
}).then(data => {
  console.log(data);
}).catch(err => {
  console.log(err)
});

The catch statement returns this:

SyntaxError: "JSON.parse: unexpected end of data at line 1 column 1 of the JSON data"

Here's the result of console.log(response)

bodyUsed: true
headers: Headers
   <prototype>: HeadersPrototype { append: append(), delete: delete(), get:   get(), … }
ok: false
redirected: false
status: 0
statusText: ""
type: "opaque"
url: ""
<prototype>: ResponsePrototype { clone: clone(), arrayBuffer: arrayBuffer(), blob: blob(), … }

But in the network tab I can see the JSON response that I want to use so I find it weird that I can see it in there so I assume the problem is on my end. I tried validating the JSON output in a validator and it's a valid JSON.

Any Ideas?

Improve this question
7
  • 1
    If there is no Access-Control-Allow-Origin: * header, you simply can't access it. As far as I know the only options you have are to ask the owner of the API to add your IP / domain or he could set the value to * to allow everyone to access it or you could use an entirely different API which supports CORS. Commented Jan 30, 2019 at 10:29
  • can you write the result of console.log(response) Commented Jan 30, 2019 at 10:31
  • Is this a public REST API you are trying to call? Seems like a network error. We can try it for you if you can share the API address Commented Jan 30, 2019 at 10:34
  • @mstfyldz I've edited the post with the response Commented Jan 30, 2019 at 10:38
  • response is not json, so you cannot use response.json() for the data which is not json structure. Commented Jan 30, 2019 at 10:43

1 Answer 1

Reset to default
2

Under normal circumstances, you cannot read data from a third party site due to the Same Origin Policy.

CORS allows the third party site to grant your JavaScript permission to read the data.

The no-cors setting is a means for your JavaScript to say "I do not want to do anything that requires permission from CORS". This lets you make a request to send data without being able to read the response (the benefit is that it avoids throwing an error message all over the developer console telling you that you can't read the data you aren't trying to read).

Since you need to read the data, you cannot use no-cors.

Since the site doesn't provide permission with CORS, you cannot read the data directly with client-side code.

Use a proxy.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Ok That's what I thought, but seeing the JSON in the network tab I really thought I was doing something wrong or I could find a workaround the CORS issue. I'll try to ask see if they can enable CORS for this app. Thanks Quentin
@bonhomme — The same origin policy is imposed by the browser. So the data arrives at the browser, but it refuses to share it with the JavaScript.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.